Via the Irongeek website I found NetworkMiner today. In a way, it does not seem as advanced as Xplico and ClearSight Analyzer, but it may be sufficient for what you use it for, and thus a very good idea to have it in your toolkit anyway. Whereas Xplico is a freeware *nix application and ClearSight Analyzer is a commercial Windows program, NetworkMiner is a freeware Windows application. In my opinion it is usually a good idea to have a mix of commercial and freeware software, and both *nix and Windows platforms to use them on.
Update: Coincidentally while I was writing this article, an anonymous reader pointed me to a post on the When Puffy Meets RedDevil blog about the very same subject. Thanks for the heads up!
Update 2: Russ McRee from HolisticInfoSec.org was kind enough to drop me an email with some more information on NetworkMiner, including a link to an article he wrote about the application. It is a really nice rundown of NetworkMiner, and set me thinking that I should play around some more with it. I'm beginning to get the impression that I seriously underestimated its possibilities, which I failed to see behind the minimalistic-looking GUI.
